In this issue

Apache httpd 2.0.48 was released on 29th October 2003 and is
now the latest version of the httpd 2.0 server. The previous
release was 2.0.47, released on the 10th July 2003.
See
what was new in Apache httpd 2.0.47.

Security issues

Fix issues in the mod_cgid module
(usually only used with threaded MPMs on Unix) which could
result in script output being sent to the wrong client.
The Common Vulnerabilities and Exposures project
has assigned the name
CAN-2003-0789
to this issue.

Fix buffer overflows in the handling of regular
expressions from configuration files in
mod_alias and mod_rewrite.
To exploit this issue an attacker would need to have the ability
to write to Apache configuration files such as .htaccess or httpd.conf. A
carefully-crafted configuration file can cause an exploitable buffer
overflow and would allow the attacker to execute arbitrary code in the
context of the server.
The Common Vulnerabilities and Exposures project
has assigned the name
CAN-2003-0542
to this issue.

Bugs fixed

The following bugs were found in httpd 2.0.47 and have been
fixed in httpd 2.0.48:

New features

Apache httpd 1.3.29 was released on 29th October 2003 and
is now the latest version of the Apache httpd 1.3 server. The previous
release was 1.3.28, released on the 18th July
2002. See
what was new in Apache httpd 1.3.28.

Security issues

Fix buffer overflows in the handling of regular
expressions from configuration files in
mod_alias and mod_rewrite.
To exploit this issue an attacker would need to have the ability
to write to Apache configuration files such as .htaccess or httpd.conf. A
carefully-crafted configuration file can cause an exploitable buffer
overflow and would allow the attacker to execute arbitrary code in the
context of the server.
The Common Vulnerabilities and Exposures project
has assigned the name
CAN-2003-0542
to this issue.

Bugs fixed

The following bugs have been fixed in 1.3.29:

fix a bug introduced in 1.3.28 where zombie processes
could be left when using CGI scripts with suexec

fix a bug introduced in 1.3.28 where some file descriptors
would be closed twice; this could cause problems particularly
for third-party modules which keep database sockets open
across several requests.

fix a connection handling problem when a redirect is sent
as an error document response.